spdx
Here are 22 public repositories matching this topic...
licensechecker (lc) a command line application which scans directories and identifies what software license things are under producing reports as either SPDX, CSV, JSON, XLSX or CLI Tabular output. Dual-licensed under MIT or the UNLICENSE.
Updated Mar 19, 2019 - Go
An example project that demonstrates how to automate a release with SBOM generation using Syft
Updated Feb 23, 2023 - Go
SBOM Grep - search through SBOMs
Updated Aug 28, 2024 - Go
Tool to inspect and push an SPDX document as an OCI artifact
Updated Jul 14, 2023 - Go
Automate copyright headers and license files at scale
Updated Jun 24, 2024 - Go
Utility that provides an API platform for validating, querying and managing BOM data
Updated Aug 2, 2024 - Go
licensechecker (lc) a command line application which scans directories and identifies what software license things are under producing reports as either SPDX, CSV, JSON, XLSX or CLI Tabular output. Dual-licensed under MIT or the UNLICENSE.
Updated Jun 19, 2024 - Go
SBOM quality score - Quality metrics for your sboms
Updated Sep 12, 2024 - Go
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Updated Sep 13, 2024 - Go
Reliable project licenses detector.
Updated Jun 9, 2023 - Go
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Updated Sep 12, 2024 - Go